Greetings all,
I've been asked to look at a method of setting and enforcing password
policies on Tru64 5.1
Specifically I've been asked what of the following is possible:
- Lock accounts after n unsuccessful login attempts
- Enforce > 6 character passwords
- Enforce mixture of case in passwords
- Enforce inclusion of either a special character or numeric in passwords
I know Enhanced Security mode will let me set password policies and I'm
reading up on that at the moment. What I'm not sure of is exactly what else
enhanced security mode will do :) This is an existing production server
that can't afford to get 'broken' by an attempt at setting up enhanced
security for the sake of stronger passwords for the relatively few login
accounts.
If I try enhanced security can I turn on the subset of enhanced security
that deals with password authentication or is it all-or-nothing?
Only 'system' accounts (root, oracle, bmc patrol user etc.) are in
/etc/passwd, the 50 or so login user accounts live in NIS. The other couple
hundred users just authenticate to oracle's authentication via their oracle
client.
Any advice/tips/pointers greatly appreciated.
Many thanks,
Adrian Blount
Security Engineer
Alphawest 6 Pty. Ltd.
Phone: +61 8 9429 6100
Fax: +61 8 9429 6130
http://www.alphawest6.com.au
The Valuer General's Office of WA
Phone: 61 8 9429 8400
Web:
http://www.vgo.wa.gov.au
Location: Level 2, 18 Mount St, Perth, Western Australia
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the helpdesk (helpdesk_at_vgo.wa.gov.au).
This email message has been swept for the presence of computer viruses.
Received on Fri Aug 31 2001 - 02:41:08 NZST